PatchSiren cyber security CVE debrief
CVE-2026-41999 PowerDNS CVE debrief
CVE-2026-41999 was published on 2026-05-21 and describes incorrect behavior of views when handling TCP PROXY requests. The available corpus is limited, but the NVD record links to an official PowerDNS advisory, so PowerDNS appears to be the likely affected project while the vendor attribution remains low confidence. The NVD-assigned CVSS vector indicates network exposure with low confidentiality and integrity impact, no availability impact, and high attack complexity.
- Vendor: PowerDNS
- Product: Authoritative
- CVSS: MEDIUM 4.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-05-21
- Original CVE updated: 2026-05-21
- Advisory published: 2026-05-21
- Advisory updated: 2026-05-21
Who should care
Administrators and operators who use DNS views and accept TCP PROXY protocol traffic should review this issue, especially in environments running the referenced PowerDNS software. Security teams should also pay attention if their deployments rely on source-IP-based policy decisions or view segregation.
Technical summary
The source corpus only confirms that the flaw involves incorrect view behavior when TCP PROXY requests are processed. NVD lists CVSS 3.1 AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N, which suggests a remotely reachable issue with limited confidentiality and integrity impact and no availability impact. No exploit details, affected versions, or patch-specific instructions were present in the supplied sources.
Defensive priority
Medium. The severity score is moderate, but the issue may matter operationally if your DNS policy or client classification depends on views and PROXY-protocol-aware traffic handling.
Recommended defensive actions
- Check whether you run PowerDNS authoritative deployments that use views and TCP PROXY requests.
- Review the referenced PowerDNS security advisory for affected versions and fixes.
- Apply vendor updates or mitigations as soon as they are available for your deployment.
- Validate that any source-IP or view-based access policies still behave as expected after patching.
- Monitor for anomalous DNS responses or policy-routing behavior in environments that rely on views.
Evidence notes
Source evidence is limited to the NVD record and its reference to the official PowerDNS advisory. NVD metadata shows vulnStatus "Received" and the CVSS vector CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N. The corpus did not include affected version ranges, CPE data, exploit details, or a confirmed vendor/product mapping beyond the PowerDNS advisory link, so vendor attribution remains low confidence.
Official resources
- CVE-2026-41999 CVE record (CVE.org)
- CVE-2026-41999 NVD detail (NVD)
- Source item URL (nvd_modified)
- Source reference
Published on 2026-05-21. The source corpus does not include a separate vendor advisory publication date beyond the linked advisory reference, so this debrief uses the CVE/NVD publication time only.